[NTLUG:Discuss] OT: Cryptography Key Length
Leroy Tennison
leroy_tennison at prodigy.net
Sun May 27 00:51:50 CDT 2007
Dennis Rice wrote:
> Just wanting to start a general topic discussion regarding encrypting of
> a message. I am assuming that all have some familiarity with GPG (alias
> PGP) in the open source world.
>
> The old legal limits to encryption using a symmetric key was 56 bits,
> and is now 128 if I understand correctly. Today, I am under the
> impression that an asymmetric key is equivalent to a shorter symmetric key.
>
> In presenting the GPG process in class the other day, I observed that
> the new limits to GPG for key length was between 1024 and 4096 bits (it
> use to be 768 to a "recommended" 2048, default 1024). I attempted to
> create a 8192 bit key, and the gnupg software said no (nicely), so I
> chose a 4096 key length.
>
> OK, all that is great, but how does that fit into the limitations
> presented by the law? There are distinct reasons for limiting the key
> length by the government (no opinion presented), and I thought it was
> 128 bits. So how does one have the right to create a 4096 bit key and
> not have the feds coming down on us? I sure would hate to see a
> limitation to encryption placed on us by limiting the encryption key,
> but at the same time, I more dislike the idea of some drug dealer or
> terrorist sending encrypted messages back and forth using a large key
> under gpg.
>
> Hopefully a general discussion that might be of interest to more than
> just myself. Appreciate your discussion.
>
> Dennis
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
>
>
Rats, I was reading an article on the Web yesterday where there was a
warning about 1024 bit keys becoming insecure in a few years. Did I
bookmark or otherwise note it's location? Of course not!
More information about the Discuss
mailing list